Spencer Schrock
4a5b4939a6
add future looking pull_request event to conditional
...
Scorecard currently has experimental support for the `pull_request`
trigger, so we want to allow analysis to be run for it in the future.
Signed-off-by: Spencer Schrock <sschrock@google.com >
2025-02-24 11:32:33 -07:00
Josh Soref
41e00af395
Limit scorecard to default branch
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2025-02-24 11:32:28 -07:00
Spencer Schrock
f70f9c8252
bump action versions to latest to resolve issues
...
1. Scorecard update v2.4.1 was released, which includes months of bug
fixes and a new `file_mode` input to address a .gitattributes bug.
2. Bumped actions/upload-artifact to the v4 branch. This was previously
kept at v3 as GHES doesn't support v4, but github.com no longer
supports v3: as uploads return the following error "Create Artifact
Container failed: The artifact name JSON file is not valid."
Signed-off-by: Spencer Schrock <sschrock@google.com >
2025-02-24 11:27:23 -07:00
AlexDeMichieli
a00915e13e
Merge pull request #2676 from blackduck-inc/main
...
Merging black-duck-security-scan template
2025-02-10 12:40:24 -08:00
Sadman Anik
fcdc1287fc
Fixed Linting Issues
2025-02-10 11:43:15 +06:00
Sadman Anik
345594d7f5
Updated actions/checkout v3 to v4
2025-02-07 14:47:21 +06:00
Sadman Anik
5969febe64
Resolved reviwed comments
2025-02-05 13:47:33 +06:00
Sadman Anik
51a27e7024
Merge branch 'main' into main
2025-02-04 16:17:52 +06:00
Orhan Toy
55eb18560f
Merge pull request #2748 from aeisenberg/patch-3
...
Add comments to codeql.yml
2025-02-03 13:22:17 +01:00
Andrew Eisenberg
adcb922ec2
Make the example setup more explicit.
2025-01-30 16:50:30 -08:00
Sadman Anik
1de3a149b3
Update black-duck-security-scan-ci.yml
2025-01-30 13:48:02 +06:00
Andrew Eisenberg
7398b4eca4
Remove trailing whitespace
2025-01-29 15:39:32 -08:00
Andrew Eisenberg
2abfcee18d
Update codeql.yml
...
Explicitly suggest that users add their setup steps before calling init.
2025-01-29 14:23:54 -08:00
Sadman Anik
56844b15c7
Merge branch 'main' into main
2025-01-28 12:45:05 +06:00
SOOS-GSteen
9085976703
SOOS Dast Feature Update ( #2733 )
...
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
2025-01-23 18:15:51 -06:00
Josh Gross
1e05f3c86d
Update starter workflows to use the latest artifact actions ( #2726 )
...
* Update starter workflows to use the latest artifact actions
* Ensure incompatible artifact actions aren't synced to GHES
2025-01-21 15:06:02 -05:00
Beth Brennan
f480e98459
Merge pull request #2465 from jsoref/bump-actions
...
Checkout: Update all workflows to use Checkout V4
2025-01-14 13:59:44 -05:00
Beth Brennan
3cd0650576
Merge branch 'main' into bump-actions
2025-01-14 13:13:27 -05:00
Josh Soref
95a3224907
Remove stray -
...
Co-authored-by: Beth Brennan <34719884+elbrenn@users.noreply.github.com >
2025-01-13 20:52:25 -05:00
Fabian Aguilar Gomez
b001911fc6
Merge pull request #2720 from actions/update-ruby
...
Update jekyll.yml
2025-01-13 15:05:21 -06:00
Fabian Aguilar Gomez
f8ea592ee6
Update jekyll.yml
2025-01-13 14:54:01 -06:00
Beth Brennan
f4f8d50fb6
Merge pull request #2711 from jsoref/fix-octopus-deploy
...
Fix octopus deploy
2025-01-13 12:59:45 -05:00
Beth Brennan
016b90714a
Merge branch 'main' into fix-octopus-deploy
2025-01-13 12:56:22 -05:00
Beth Brennan
a38d8caf42
Merge pull request #2464 from jsoref/ubuntu-latest
...
Ubuntu-Latest: Update all workflows to use ubuntu-latest
2025-01-13 12:54:55 -05:00
Beth Brennan
e1deb63e94
Merge branch 'main' into ubuntu-latest
2025-01-13 12:52:40 -05:00
Josh Soref
be1cddbe1d
Checkout: Update all workflows to use Checkout V4
2025-01-06 09:43:57 -05:00
Josh Soref
d9c5f62b74
Fix sentence style
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2025-01-06 09:25:40 -05:00
Josh Soref
17f0d2485e
Use unix line endings
...
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2025-01-06 09:25:36 -05:00
Josh Soref
9351ace4ef
Remove trailing whitespace
...
> trim trailing whitespace.................................................Failed
> - hook id: trailing-whitespace
> - exit code: 1
> - files were modified by this hook
>
> Fixing deployments/octopusdeploy.yml
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com >
2025-01-06 09:25:31 -05:00
Sadman Anik
9e76f8420e
Merge pull request #2 from blackduck-inc/blackducksecurityscan-template
...
Used hash instead of tag name
2024-12-23 16:50:51 +06:00
Sadman Anik
84747ed355
Used hash instead of tag name
2024-12-23 16:49:39 +06:00
Sadman Anik
1c8781f5a6
Merge pull request #1 from blackduck-inc/blackducksecurityscan-template
...
Blackducksecurityscan template
2024-12-18 18:08:10 +06:00
Sadman Anik
4a84ccf8e0
Added black duck security scan action template
2024-12-18 18:07:23 +06:00
Sadman Anik
1cc1562949
Added Black-Duck-Security-Scan logo
2024-12-18 17:52:20 +06:00
Rob E
f90b59f7cd
Add Octopus Deploy release and deploy workflow ( #2651 )
...
* Create Octopus Deploy workflow template
* add properties file
* Pin step versions
* update some text
* add octopus icon
* added linebreak
Co-authored-by: Alexis Abril <alexisabril@github.com >
* added linebreak
Co-authored-by: Alexis Abril <alexisabril@github.com >
* update octopusdeploy icon name
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-12-13 10:54:28 -06:00
Beth Brennan
dfc0cdc56b
Merge pull request #2345 from trail-of-forks/ww/trusted-publish
...
ci/python-publish: bump, use trusted publishing
2024-11-22 10:03:25 -05:00
William Woodruff
00795b7fee
Apply suggestions from code review
2024-11-22 09:48:05 -05:00
William Woodruff
eee067e3ca
Apply suggestions from code review
...
Co-authored-by: Zach Steindler <steiza@github.com >
2024-11-22 09:47:32 -05:00
William Woodruff
eb32979001
Update ci/python-publish.yml
...
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua >
2024-11-06 21:03:35 -05:00
William Woodruff
347784759f
Update ci/python-publish.yml
...
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua >
2024-11-06 17:10:48 -05:00
William Woodruff
66c4bdd7f5
Merge branch 'main' into ww/trusted-publish
2024-11-05 12:52:19 -05:00
William Woodruff
958eb20360
Update ci/python-publish.yml
...
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua >
2024-11-05 12:50:41 -05:00
Orhan Toy
1394e47812
Merge pull request #2559 from ilya-k-1/jfrog/add_jfrog_sast_flow
...
Add jfrog-sast flow
2024-10-22 21:55:05 +02:00
Ilya Khivrich
7f50c70218
pass token over stdin, add security to properties
2024-10-22 11:53:35 +03:00
Ilya Khivrich
09fa3b9723
add jfrog-sast flow
2024-10-21 23:01:52 +03:00
ginilpg
666350e29b
Added appknox.yml for code scanning ( #2498 )
...
Create appknox.json
Create appknox.svg
Update appknox.json
Update appknox.svg
Rename appknox.json to appknox.properties.json
Update appknox.yml
Update appknox.yml
Update appknox.properties.json
Formatting yml
Removed preview mode from appknox scanner
Removed preview mode from appknox scanner
Add Appknox starter workflow (#2447 )
* Added appknox.yml for code scanning
* Create appknox.json
* Create appknox.svg
* Update appknox.json
* Update appknox.svg
* Rename appknox.json to appknox.properties.json
* Update appknox.yml
* Update appknox.yml
* Update appknox.properties.json
* Formatting yml
removed preview mode
removed preview mode
precommit lint
2024-09-17 13:50:21 -05:00
Thomas Horstmeyer
8190cec3e1
Merge pull request #2496 from aeisenberg/patch-2
...
Update eslint.yml
2024-09-12 17:09:53 +02:00
Andrew Eisenberg
dea60ba593
Update code-scanning/eslint.yml
2024-09-11 11:12:06 -07:00
Andrew Eisenberg
9d2ae7c028
Update appknox.yml
...
Fix more whitespace issues.
2024-09-10 11:50:28 -07:00
Andrew Eisenberg
ddb47be888
Update appknox.yml
...
Fix linting errors (remove whitespace).
2024-09-10 11:46:17 -07:00